Sometimes creating a brand new website can be daunting. I've been there numerous times for each of my websites. Back when the new gTLDs came out I purchased a few. takes.pics for my photography and a .fyi, which I had dreams of becoming a site where people can get information. But I realized that there are a lot of sites that serve the same information I was after. So I didn't act on my idea. Eventually I decided to try and sell the domain, hoping I could get a quick payout for a rather short/generic domain name. But nothing came of it. I quit my job and wasn't making enough money to afford the renewal the domain every year, so I turned off auto renew and waited for time to run out. Got an e-mail the other day that the website was about to expire and action was required if I wanted to keep it. I had since gotten another job and figured, what heck. So, on July 24th I renewed it for another two years.

By the end of the day I had a HTML & CSS design made up of one page. I knew I wanted to create other pages so the next day I changed the site from pure HTML to PHP. This allowed me to separate key areas like the header and footer, and any change I made to the header instantly took affect on all the other pages. Once that was done I worked on replacing the placeholder links (href="###") with actual links (page.php/?foo=bar) so that the requested pages showed the desired content. That was done by last night.

Today, July 26th I started the backend. It now successfully serves the main content to the site. I deviated a little bit from my comfort zone and used PDO instead of MySQLi functions. I remember Tari or another user recommending I use PDO a few years back but I ignored that advice because doing so would have meant redoing a bunch of my queries. So, this time around I'm starting with PDO.

Later today I hope to have a successful user login page and an area for users to submit information. I will not be implementing a registration page for a while since the site won't be ready for such activity. But the user portal will be important as I test and work on the user functions so that'll definitely come first.

I'll keep you guys posted as I progress. Will probably do most of the color and style work later on. The site has a style now but it's just a basic one so I can see what I'm doing and stuff; but it's still pretty black and white. I intend to teach myself some javascript to make the site interactive and dynamic. I can't wait to see what progress I'll make in a few months if I keep this pace up. Maybe I'll post the link in a few weeks when I have a more polished style/design completed.

Two days and I already have a functional site with a backend. Maybe a total of 5 hours of work from inception to here. If I can do it, anyone can do it! Wink
Are you aware that you're just linking to tweets?
allynfolksjr wrote:
Are you aware that you're just linking to tweets?


Oh shoot. I wonder how I got that mixed up. Here's what I meant to link to. Thanks for correcting me there. Moving on:

Later in the day from the last tweet I linked to in my prior post I admitted that I was having some difficulty with getting version control/git to work, as well as the other goals I had wanted to work on. But that didn't stop me as the following day I successfully set up git! In the days since I've got a MAMP server running on an old computer that also serves as a host to a few other services. Now I can edit a local copy of the site then push it to the server when features are added.

This is one reason why I stopped working on my photo journal. I wanted to add features and work on overall improvements but editing on the live site was awful. So I'm really ecstatic to get a local MAMP server running. And I'm glad to finally understand versioning and get my IDE to successfully work with git; it's always had the support and functionality I just never knew how to set it up. Once I figured it out I took the time to add a few other sites to git.

Now that I'm finally up to speed - with a few hiccups - I plan to start working on the site again. My ambitious goal is to have something complete and functional by the end of August (albeit without a real theme) but I have a few trips and work deadlines that may cause me to finish in September. But it's looking like I'll meet my personally imposed deadline of January 2018.
Nothing worth tweeting about but I made some fairly rookie mistakes today.

I had set a variable to be a password. Basically, if the word in this field doesn't match what I have set in the script then ignore the input and reload the form. Below is a fairly generic copy of the code.


Code:
$check = isset($_POST['check'])

if($check) {
    blah
}


I could not figure out why everything was approved. I, of course, had no debug stuff. After I added in tons of stuff I found out that I wasn't saving the value of the "check." Since the POST value was set, the variable was assigned a 1 for true.

I've still got a bug where the form is submitted to the database even if required fields are missing. The debug info tells me the script KNOWS there's data missing but submits it anyways. So, I'll be adding more debugging echos and what not.

After I successfully get past this bug it'll be time to work on allowing users to signing and only showing this page to logged in users. I've also got to get searching and sorting to work as well. Once those two done it should be ready for presentation. Then I'll work on some more user features like commenting, voting and reporting. More cosmetic additions, like a theme and color, will come later in the year. I might have to outsource that. I'm just making a basic theme so the site looks decent while I create it, and to also sort of convey my design ideas, then I'll focus on everything else later.
Havne't made much progress over the last few days. Instead I've taken a step back and rethought how to present the information on the site. Since this is a .fyi gTLD I am focused on presenting information that is both succinct and accurate but I discovered a problem, drive by voting.

I'm totally guilty of it. On the front page of reddit I'll constantly up or down vote posts based on the title rather than the content. When I put my habitual voting on reddit to this site I'm making I realized it would completely undermine the information and nature of the site. So I instead elected to remove the voting off the main page(s) and move the voting to the sources of that information. That way users are encouraged to vote on the accuracy of the sources. On this same page users will also be able to comment and discuss the information on the page.

While doing this I realized I'd need to rethink how I use the database. While talking to Kerm about it he turned me over to relational databases and how that MySQL was built for this. The idea behind these is that instead of storing all the information in as few tables as possible, you create tables for all the information. So, in my case instead of having a column for "sources" in the main table that lists each source I'd create a table called "Sources" and have a new row for each source, and I'd have a column in that new table that includes the UID for each bit for information.

That way it's also easier to score each source. To go deeper there's a table for voting. When a user votes, a new row is inserted and the UID of that source and the user are linked to the vote. So that's where I'm at now. Trying to plan out what tables I need to create and how to address each one when presenting information.

I still need to implement sessions so I can create a user login page and a few other improvements. So hopefully by the end of September I'll be far enough along to show what I've created with the world and then I'll hire a graphic designer to help with the visual design.
Picking this project back up after being away from it for two months. I accomplished the above post before stopping which is great because I would be totally lost if I were to start working on the things in that post today. Right now I'm focusing on getting user sessions implemented so that I can sign in. Then I'll work on user permissions and a control panel of sorts before moving on to user registration.

While the site is largely presentable in it's current form I want to streamline a few things before my self-imposed deadline of January 2018. No matter my progress from this point forward, I'll be showing it off in January. Why not show it now? I'm still working on backend stuff and I feel like a lot of the comments and feedback I get will be about the front end design which I know is lacking. My plan is to show off my site and to generate interest in the concept and any interested volunteers. I concede that there's a lot of backend stuff that I don't know how to do as well which is why I want to focus on a (more or less) functional concept over the style and presentation.
Lack of focus has made slow progress these last few weeks but made some great strides related to user sessions on the site. I can successfully determine if a usernames and passwords are correct (or incorrect). There's room for optimization but not important right now.

All I need to do now is save this to a session variable and start working on validating sessions on pages that require users to be logged in. Also, on public pages presenting different links and functions based on a users session data (logged in vs logged out). After that I'll add a basic user rank system, so I can differentiate between admins, moderators, and regular users around the site.

Once that is done the site will be ready for presentation in January 2018. I'll try and hammer out a few other things such as a control panel for users and some smaller areas. Perhaps even a registration page, which will only support registrations off a specific code as I enter a very limited alpha stage. I'll use this time to build the content of the site and get overall feedback on the usability. Maybe use it to recruit additional help from others around the net.
https://blog.codeship.com/why-you-shouldnt-roll-your-own-authentication/
allynfolksjr wrote:
https://blog.codeship.com/why-you-shouldnt-roll-your-own-authentication/


Would you mind elaborating in your own words? Perhaps explaining why it's ill-advised for someone to make their own authentication in a paragraph or so and then providing a link, or links, to more thorough resources and material. I appreciate the link but, as an Admin, we'd like users to refrain from low effort posts to maintain our "quality over quantity" mantra. Idea
I'm confused: how is posting a highly relevant link considered "low quality?"
allynfolksjr wrote:
I'm confused: how is posting a highly relevant link considered "low quality?"


I see where you're confused. I never said "low quality" I said "low effort." A low effort post is a post that doesn't make an attempt at a discussion; a link doesn't facilitate a meaningful discussion. You are more than welcome to say something like "You shouldn't make your own authentication system from scratch because..." and then share links that strengthen your points. You can even say something like "Check out this blog post about writing authentication from scratch. This will be a good read because..."

Hope this helps! Good Idea
Or people could just click on the link and not have to read the same information twice, one paraphrased and the other quality content.
MateoConLechuga wrote:
Or people could just click on the link and not have to read the same information twice, one paraphrased and the other quality content.


That's true! They could. But we can't guarantee the longevity of external websites. It's always nice to summarize what you're linking to. What if someone were to stumble across this topic in a few years, will Codeship still be here? Incredibly likely, but it's always nice to explain and summarize what you're linking too just in case that resource doesn't exist in the future.

Dropping a link in a topic is like hearing someone talking about crafting a dining room table then giving them Woodworking Magazine open to an article about the difficulties of making a dinning room table and walking away. There's no context or attempt at conversation.

If Nikky wanted to be helpful he could have said something like this:

    Obviously Not Nikky
    Be careful about creating your own authentication system, it's not something you want guesswork on; read this blog post from Codeship that covers why you shouldn't. Some key points it makes are...

    But if you really want to learn more about authentication and creating something like this from scratch then it's imperative that you familiarize yourself with these methods. ... That should get you headed in the right direction. Of course, explore the links as they have tons of helpful articles and tutorials.


This will allow me to continue the discussion about creating an authentication system.

    Alex
    Thanks! Those are some points I hadn't considered when making my authentication system. I'll check it out. I am certainly interested in continuing to make my own system and I'm learning a lot in the process.

    In the grand scheme of things, I will certainly replace my own authentication. Currently, my goal is to create a functional website while learning as much as I can in the process. Currently, users can login and log out. That's it. Doing anything other than that will not make it into the site in January, including registration. I've added user ranks but they mean nothing in the current system. This system is to merely help me understand creating and reading sessions across multiple pages.

    Once I push the site to the domain, I hope to find others who are as passionate about this topic as I am and together we can implement stuff like a real authentication system, work on the site visuals & style, member ranks & privileges (such as admin & moderator), and a lot more. So, when implementing a real authentication system I'll keep that blog post and those resources in mind.
Put the project off for a few weeks but now it's the holiday break and I'm doing my best to get caught up on projects like this. January is looking pretty busy in terms of social and work obligations but I've got my fingers crossed I'll be able to spend a few hours a week on this.

Over the last 3 days I've pushed about 12 commits to the repo8 of those being fairly major milestones. Some of the bigger accomplishments that I'll touch on were: Added comments; created a graphic logo; Apache ReWrite Engine; user registration.

Presently, I don't insert profile registrations into the database but I went ahead and did all the work because it was a relatively easy task to accomplish while I brainstormed how to tackle other problems. I also am not allowing registrations to the database because, really, there's no reason to at the moment. As they can't really interact with the site yet. The only thing "users" can do are submit topics. So, when "a user" (read: me) registers a profile, if everything is peachy then a message is displayed that reads "Success" instead of running a script to insert into the user table.

Two of these larger problems were Apache ReWrite Engine and the logo. I've never been a very creative person so creating a logo image from scratch was incredibly difficult and my first iteration was really stupid. The image held the concept of what I wanted but in the end the execution was utter garbage. Surprisingly, the second version I did was much better. It's certainly got room for improvement but it'll suffice until I can hire a graphic designer to make a cleaner version.

The Apache ReWrite Engine was a lot simpler to do than I imagined. The hardest part was actually going through and adding in rewrite rules for various things. I then had to go back and change any URLs. I also had to change scripts that relied on $_GET variables. The second hardest part was determining the structure I'd want to use. I'm still going back and forth on one last URL, I plan to seek some feedback over the next week or so.

The comments, while an important addition, are more for presentation at the moment. The comments are hard coded into the topic display script, so every topic displays the same set of comments. I did this because I needed a way to populate the topics with comments for styling and to see the page in it's entirety. It was much easier than writing the script to add comments into a table for each topic and then submitting dozens of comments myself. I'm also entertaining nested comments, as they're pretty common around the web (see: Facebook, reddit, imgur, various message boards, comment systems on blogs, etc).

That's everything I've done in the last 3 days but now I'm going to have to start focusing on getting user groups/ranks implemented. I'm not entirely sure how I'll do it yet but it's something I'm actively looking in to. I'm almost done adding in all the information I'd want displayed on each page, after which I'll start looking at ways to present that information effectively while will tie in to a brand new theme and site presentation. When I started, I created a style that I'm familiar with making and comfortable with modifying to suit various goals/tasks/projects.

Then, over the next few weeks I'll be getting waist deep into JavaScript to start the interactive part of the site. I was hoping to have the site pretty functional when I pushed it to production but then I realized that I wouldn't be able to achieve what I wanted without JavaScript. So, I may delay until February or March. But, I'm still looking at January so I can get feedback from a lot more people. I can use analytics from Google and other services to understand what visitors are looking at and clicking on the most, and use that information to discover what I should focus on presentation wise.
Alex wrote:
I then had to go back and change any URLs. I also had to change scripts that relied on $_GET variables.


I undid this because it never crossed my mind I could still access $_GET variables and it's so much easier to read the variables than parse the URL and look for certain keywords. Rolling Eyes

Currently working on voting and using AJAX/jQuery to accomplish this. I started by searching around online on how to insert rows into a MySQL table with Javascript and realized that it's as simple as calling a PHP file. After a bit of trial and error I was successfully adding in rows via onClick events.

Since it's not about how many times each person can click the buttons I needed to come up with a way to only let users vote once which was remarkably straight forward. I pull the last row of the table that matches their username and the page they're on and return the vote value. If the value matches the clicked value, then the vote is ignored. I can successfully up vote and down vote, but not either of those twice in a row.

My current challenge is actually nullifying votes. Such as if a user up or down voted on accident. My first plan of attack was to just add in the opposite value ($rating * -1) into the table but I realized that's no different than adding a vote as the script I wrote will see that entry as a vote.

I'm stumped on how to remedy this. Which is why I'm here, perhaps writing it out will let me get my thoughts down and see my problem in text rather than variables and code.

I could add a third button to nullify the vote with a "0" OR just insert a "0" into the table when clicking the arrow again. But, then I end up with an inaccurate total vote count. Since accidental votes would still count. If 5 people vote "up" and 3 people vote "down" I'd have "1,1,1,1,1,-1,-1,-1" for a net total of 2. If one of those people cancels their vote I'll have "1,1,1,1,1,-1,-1,-1,0" which won't change the score when I add it all up. However...

I could add a new column to the table that explicitly states the action: "UP", "DOWN", "ZERO". Then I could have a starting value of "1" and if the user wishes to cancel that up vote the following would be: "ZERO", "-1". Or, if they wished to immediately down vote after the up vote, it would be: "DOWN", "-1". When summing the totals I can just fetch the rows that match "UP" & "DOWN".

Which is probably what I'll end up doing.

I've also started looking into UI Frameworks like BootStrap but I will not be using BootStrap as it produces UI's that aren't inline with what I have in mind. BootStrap is great for creating a Content Management System UI or something of that nature.
Some minor changes over these last few days.

I've been working to keep a consistent appearance between users who are just guests and those who are logged in; primarily that page elements sit in the same spot regardless if there's anything above it or not. This was noticeable mostly with the post interactions, since those require a user to be logged in they are not displayed to logged out visitors. Once I managed that I decided to do a few more changes.

I also renamed all the tables in the MySQL database to be more descriptive. Instead of "posts" and "profiles" it's now something like "prefix_posts" and "prefix_profiles."

I've also started removing hard-coded variables. Prior to this the max eposts per page I showed as 5, I've moved this to a variable so when I eventually change this to a higher number I don't need to edit every page. It's 5 right now to test page numbers and stuff since I don't have enough content to create a page with 10 or 20 posts each.

I'm getting the hang of using queries inside of queries. Not sure how to describe it as I'm still wrapping my head around it. But I think it'll require me to rewrite my existing queries so I can let users sort and order things how they want to when searching. This mostly affects the "previous" and "next" functions at the moment since they get the next and previous post in the table, rather than the defined sort order. But, when I allow visitors to sort by various criteria I'll want to make sure they continue to view posts in their defined sort order. On a similar note, the arrow keys let visitors view the "previous" and "next" posts via javascript.

Starting to differentiate between activated and unactivated accounts. Probably going to start working on activation e-mails soon. Unactivated users will still be able to sign in and have limited interaction with the site, they just won't be able to post or comment at the moment. I'm still debating if I want to require registration before signing in. In a similar vein, going to add a few more checks to the user registration page. Regarding passwords, I don't impose any restrictions BUT I may limit passwords to a certain length; nothing too short but I just don't want someone to write an essay for a password as I'm not sure how the hash function handles it. I wrote about 900 characters and it was the same length as a password that was 5, so I'm thinking a limit of 64 or 128 characters is a decent.
Quote:
Regarding passwords, I don't impose any restrictions BUT I may limit passwords to a certain length; nothing too short but I just don't want someone to write an essay for a password as I'm not sure how the hash function handles it. I wrote about 900 characters and it was the same length as a password that was 5, so I'm thinking a limit of 64 or 128 characters is a decent.

Why are you writing a production authentication engine when you don't know how a hash function works?

Normally I'd link to a nice article about how hashes work, but since you just start braying whenever I link to something and I don't feel like explaining how they operate, that exercise is left to the reader.
Alex wrote:
I also renamed all the tables in the MySQL database to be more descriptive. Instead of "posts" and "profiles" it's now something like "prefix_posts" and "prefix_profiles."

How is this more descriptive? Using Occam's Razor, we can clearly see that this is, in fact, less descriptive.
MateoConLechuga wrote:
Alex wrote:
I also renamed all the tables in the MySQL database to be more descriptive. Instead of "posts" and "profiles" it's now something like "prefix_posts" and "prefix_profiles."

How is this more descriptive? Using Occam's Razor, we can clearly see that this is, in fact, less descriptive.


I am entirely onboard with not having prefixes but when I was looking at MySQL databases from other installed services they all include a prefix. such as phpbb_, stats_, etc_ even though they all have their own database; it seemed like a good rule of thumb.
Alex wrote:
I am entirely onboard with not having prefixes but when I was looking at MySQL databases from other installed services they all include a prefix. such as phpbb_, stats_, etc_ even though they all have their own database; it seemed like a good rule of thumb.

You really need to read this. Especially Rule 1a and Rule 1b.
  
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.

» Go to Registration page
Page 1 of 2
» All times are UTC - 5 Hours
 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

 

Advertisement